Slashdot Mirror
Why 'rm -R star' Isn't Enough
zdburke writes: "Short but interesting article in the New York Times (free reg req'd) about how difficult it is to cover your digital tracks because electronic documents are so well distributed -- on your lap top, on your workstation, on the server... Yes there are tools to thoroughly delete files on your computer, rather than just unlinking them when they're put in the trash, but it's the distributed nature of content these days that poses a special problem to the Ollie North's of the world."
On my harddrive space challenged machine, usually the reason I delete something is to make room for something else. So, chances are if they want "super-secret-MS-secrets.txt", the sectors have already been overwritten by "bspears-nude.jpg"
:)
If you want to delete your track - don't use G4...
Read the article and sigh http://www.barefeats.com/pentium4.html
If you're afraid that mirrors will copy your files, why don't you just overwrite the file with the same name, just some bogus data. That file will be mirrored again since it has a new date.
Sometimes when a problem gets high tech, it's time for a low-tech approach.
Wealth is the product of man's capacity to think. -Ayn Rand
I always like to add the "f" right after that "-R"...
:>
That good enough for ya?
is rm -rf /
.dotfiles.
Otherwise you'll miss out all those pesky read only files, and
None are more hopelessly enslaved than those who falsely believe they are free. Johann Wolfgang von Goethe.
It's quite possible to recover files, because, much like PCs nothing actually gets 'deleted'. The inode is marked as 'available for reuse' and removed from the directory entry, but doesn't actually remove anything. /dev/zero over a file just prior to erasing it work?)
Looking for an undelete? Take a look at the coroners toolkit. There's even instructions on how to recover files from a unix partition (any unix). It's one of those ones which you'd _really_ need to recover the data because it's hard work and a pain, but it is possible.
I don't recall seeing and 'write with zeros' program for Unix. I guess there must be some out there, since at a guess it's fairly trivial. (would dding
Of course, there's always disk analysis with an electron microscope, which I've always heard was possible but it's not one I've ever had substantiated.
Don't try to cover your tracks, delete every little bit of info about you, that's waaay too much time and effort. Want you want to do is put sooo much crap out there, no one can tell the real info from the synthetic.
Also, it's the internet. Make up shit. The only thing you really can't lie about is online purchases with a credit card (well...), anything else is open territory for your imagination!
Say you have important information on your hard drive. You only want one other person to see that information so you put that information on a floppy disk then give it to that person. No one else can see this information. You then take a pencil and stab the magnetic film of the floppy about 30 - 40 times. You then take lighter fluid and douse the entire floppy and light it. Stomp on the ashes for extra measure. Since the data has been on your computer. You must first take your hard drive out. Expose it to a giant magnet, then shoot it with a 12 guage (twice). Take all the IC's out of your computer and smash them with a sledgehammer, then run over them with your truck. Burn those with lighter fluid too. Since your monitor most likely displayed that sensitive information, you must take it to a helicopter and drop it. Have the helicopter land on the debris for safe measure.
Ensure that the other person gives your data to no one. Do a thorough background check on him and his closest 50 living relatives. After he is done processing the information; shoot him.
No need to worry about any information getting anywhere.
That is because modern computers organize information by using file-system directories that point to physical areas on a disk drive where the data resides. "Deleting" the information usually only breaks the link between the directory and the data so that the original storage space can be reused in the future.
:)
Gee...what a stride. Too bad we didn't have technology like this in the 80's. A company like Norton could have made a killing making tools to relink the file table with these sectors, almost as if they were UNDELETEing the file.
I just love expressions like "modern computers" used in this way, when the reporter meant to say "Well...this is new to me, must be new to the computer too." Of course, we all know that it is the computer that has this behaviour - not the OS sitting on top of it
IIRC, DOS used to just replace the first character name of a file with a ? in the FAT when you deleted it, so to undelete it, you just supplied a letter to "rename" the file as.
I personally don't keep anything around on my computer that has any incriminating information. If I did, I'd be damn sure that it's not in a shared space that gets copied onto any server or anything like that. I think any computer savy person already knows that you just don't keep digital records of things you don't want people to find out, and you definitely don't keep them anywhere there's a remote possibility the data could be duplicated. This will probably only jump up and bite the illiterate "business major" types, and I really don't have a problem with that.
~ now you know
If you are concerned enough about your data to want to permanently delete it, or at least keep your tracks covered, you'll use PGP and either wipe your freespace multiple times to completely obscure data, and/or keep your important files encrypted.
Although encryption is, in theory, breakable, the resources to do so don't exist (unless the NSA has some quantum computers squirreled away somewhere), your files will be safe.
In short, if you want to keep files private, use PGP, and use it wisely. If you don't make more of an attempt, other than "well, if I tell Windows to delete it, it's gone", to keep files hidden/gone for good, you deserve to have your data recovered.
Gawyn
Freedom of Speech?
A big 'old electromagnet.
Degauss the disk and it's gone for good.
Accually, does anyone else remember the movie Blue Thunder?
The video tape jackets had electromagnets build into them, and thus could delete any tape that the bad guys wanted.[1]
I wonder when IBM or someone will build a HD with a self delete 'fail safe' system. When the drive powers down without a password, wipe.
[1] There is some ironny here somewhere folks. Just can't think of a witty remark.
III.IIVIVIXIIVIVIIIVVIIIIXVIIIXIIIIIIIIVIIIIVVIII
Which doesn't really help for trade secrets, and such. If it is the informatin that you are trying to hide, it is a problem.
If it is the accountability to the document (ala Ollie North's shredding), that is a different thing entirely.
Unless it is digitally signed, though, any copy laying around has built in, plausible denyability. It wouldn't have tripped up Ollie or Reagan at all.
http://archive.nytimes.com/2002/01/14/technology/e business/14DELE.html
If you are in a situation that warrants immediate data loss, rest your HD on one of those 9 track tape erasers and let it go for a while.... That should take care of it.
The court was tired of recounts, and demonstrated how to take care of it.
You could use portable drives and always have it with you. This way if ever it was lost or stolen, the data would be encrypted or the drive would self destruct. Even things like plam and retina scanners won't keep people out of important data. They'll just cut your eye out or cut off your hands.
It is possible to take a disk apart and use an electron microscope to read information from the individual magnetic spots on the surface of a disk that may have been intentionally erased, Mr. Patzakis said.
I monitor the forensics list on securityfocus, and there was discussion that this might be mostly a myth.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
Yes there are tools to thoroughly delete files on your computer, rather than just unlinking them when they're put in the trash, but it's the distributed nature of content these days that poses a special problem to the Ollie North's of the world.
:D
Well, I don't think any OS has ever been short of undeletion tools - in unix, one can grep the inodes on a disk for a particular known string of a file and recover it fron a known template. Tools like gpart (a partition guesser) also easily recover those vital 512 bytes of your hard disk.
Where Unix has been lacking, behind most other systems, is the opposite - a good, reliable, trashcan. It might be interesting to note that there's now a reliable trashcan for Linux, BSD and other glibc systems th simply preloads and wraps unlink, `move and a couple of other system calls.
Since glibc is a part of the Linux Standard base, it works along with every LSB standard app. Even better, it doesn't matter whether you delete the file from KDE, GNOME, shittyunixtoolkitforhellcirca1980something or a terminal.
Anyway, check out Libtrash. And if you're a GNOME or KDE hacker, I'll give you a big hug if you use this as the default trashcan or your next release.
I can recall the nervousness of some folks dropping off their computer at a repair shop, because the machine had failed before they had a chance to destroy their pron collection and they had slightly exotic tastes. Things like that are always usefule to a legal team.
"It is a greater offense to steal men's labor, than their clothes"
For the lazy: substitute 'archives' where www appears
--El Linuxero
Syncronize all of your files with a version encrypted with a randomly generated key. Not instant, but they all become effectively "erased". (Unless your using some type of versioning system)
I demand a million helicopters and a DOLLAR!
cat /dev/urandom > /dev/hda1
repeat until satisfied
Of course `rm -R *` isn't enough -- it just unlinks files, but doesn't delete datablocks. To delete datablocks, try the -P option which overwrites the file data before unlinking. Unfortunately, this option is not available on GNU `rm` which is used on most Linux systems.
Of course 'rm -R *' isn't enough...
... you need '-f'!
Yeah, thats better.
Skiers and Riders -- http://www.snowjournal.com
Norton has nothing to do with Midnight Commander.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
I haven't been able to find PGP Freeware on the pgp.com or mcaffee.com websites for a while.
But, apparently it is still downloadable from cnet - www.download.com, search for PGP.
Does anyone know if they've stopped making this, or if there's an url for updated versions?
The downloadable is version 7.0.3. It does include the regular pgp features, as well as the disk-wipe, which I'm assuming writes out zeroes to unused sectors. It also lets you specify the number of passes, incase the secret enemy has the technology to look at the "wiped" areas and determine what data was there previously, even though it's now all zeroes.
It also includes plugins for Outlook and Outlook express. It's definitely work downloading (while you still can).
"Would it kill you to put down the toilet seat?" -- Maya Angelou
Exploding chips. Just store the information on EEPROMs made from this material. You want to erase it? Just have it explode!
If you can't beat them, embrace and extend them.
PGP is a brillient tool for encryption (esp. e-mail) and PGP disk or Scramdisk are great for secure archiving on windoze machines. However the PGP wipe isn't very good. This link explains why and gives good alterantives for windoze users.
Linux users already have encrypted filesystems and secure file wipeing as standard in all(?) common distro's. (I know that SuSE even lets you overwite the wiped files with zeros to hide its very existance)
Anyone quoted by a reporter knows how little they understand
Don't believe what you read is the truth.
So in other words, Eron my not have covered their tracks as well as they thought... :)
shred -f *.*
It kill DATA DEAD
the only thing 'rm -R star' will do is remove 'star' and everything below it. I don't understand how everyone can keep saying that this removed everything. I don't even use LINS (Linux is not Stallman's) and I know that.
By the way, why aren't more gnu pushers washed and clean shaven?
MOM
There is a program called shred that comes with most distributions nowadays that overwrites the files with different patterns before unlinking them. There was something about this on Slashdot a while ago. This program seems to use a simular algorithm.
I was hired to recover files from a hard drive by a woman who was getting a divorce. Her husband had been cheeting on her. The moron had norton systemworks installed on his system and never defraged his drive. I was able to recover over a years worth of incriminating emails with nortons undelete. Boy was that easy money
http://Lenny.com
4 great justice!
If you have problems destroying documents, you could always ask Arthur Anderson or Enron.
Nobody reads the LA Times online... but I get it in my driveway every day. Its an underappreciated paper.
slashdot as anonymous coward. Nobody visits the karma dungeon anymore. Safest place ever. Last time we had a moderator down here was waay back in ought one.
We didn't need distributed networks and mirroring to find a stained dress...
Computer Science is Applied Philosophy
me, my pr0n, software to write 1s and 0s, a screwdriver, and some emery board, followed by fire.
Bye bye disk platters.
Bit busy -- finishing up The Book(TM) -- but I wrote a bit about this subject some time ago. Head over to: http://www.doxpara.com/read.php/security/secure_de letion.html
There's a Part 2, and some other stuff over there too. yeah, the site needs to be updated desperately. Wait till feb.
There's one piece of information that's very new and very, very cool: Apparently, some company has been going around the WTC crash site, picking out hard drives from crushed servers, and (though I can't imagine this) actually recovering data from the drives through all the crush damage and dust. I mean, yes, the concept that a non-portable, super expensive, very labor intensive read head would be able to recover significantly more data redundancy than some mass produced mag-head is unsurprising, but...damn.
--Dan
The US government today announced plans to impose restrictions on so called 'File Deletion' utilities, and possibly even outlaw them altogether, in the name of national security. "These file deletion programs can be used by terrorists to cover their tracks, and remove evidence." claimed a government security expert. "criminals such as Osama Bin Laden, can cover up any electronic evidence, and make prosecution impossible." However, civil liberties groups claim that the ban would infringe their first amendment rights. Other experts claim that anyone can create a file deletion program with even basic programming knowledge. We interviewed one expert who explained how: "One simple way to make sure your data is wiped clean, is remove the hard drive from your computer, and place it in a furnace for 15-20 minutes." the interview was cut short, when government agents stormed the building and arrested the expert for "discussing circumnavigation devices for data deletion".
This comment does not represent the views or opinions of the user.
I ask this since there are unerase utils in windows, could they be using a vfs? If they are, wouldn't they have to stay resident forever monitoring all content?
DOS 6.x had an undelete.exe TSR that patched the DOS call to remove a file. It had two modes: Delete Tracker (remember deleted directory entries) and the stronger Delete Sentry (similar to the Mac's trash can and to the forthcoming Windows 9x's recycle bin). When using the Delete Tracker or non-TSR mode, it would look at the directory entry of the deleted file (from the directory in non-TSR or from a database in Delete Tracker) and then follow the FAT chain to retrieve as much of the file as it could. Delete Sentry simply moved files into a folder C:\SENTRY, no matter what program deleted them, ignoring *.tmp and a few other file types.
Mac OS 7 or later and Windows 4 or later, on the other hand, have two separate delete calls (for discussion, call them unlink() and ShellDelete()). The unlink() call actually deletes a file and should be used on tmp files, in uninstallers, etc. ShellDelete(), on the other hand, moves a file to a folder called vol:Trash (on Mac) or vol:\Recycled (on Windows); the shell (Finder or Explorer) provides a command Empty Trash... to do what is essentially an rm -rf on the Trash folder.
In UNIX systems and their clones, merely make a shell command alias that maps a command to move the file to the ~/.trash folder.
Will I retire or break 10K?
According to VH1 where are they now television show, Gary Glitter (co-founder of legendary punk band, the new york dolls - and author of that rediculous jock jam) had computer problems and brought his pc into a repair shop. They then discovered child pr0n and turned him in. Haha!
I live under the bridge, in a pile of feces.
so what about shred then? From the man page:
Delete a file securely, first overwriting it to hide its contents.
By default it overwrites it 25 times, IIRC DoD standard is 7 times so it should be enough.
He who defends everything, defends nothing. -- Fredrick The Great
Have you considered using GnuPG? It the FSF's equivalent application. It does have an outlook plugin and and a Windows front-end.
Presumably PGP runs on unix?
PGP 6.5.8, the last freeware version
GnuPG 1.0.6, the GNU Privacy Guard, is a free implementation of the OpenPGP spec.
Will I retire or break 10K?
On some systems, rm has an option to nuke the contents of the file before unlinking it:
man rm
<snip>
-P Overwrite regular files before deleting them. Files are overwritten
three times, first with the byte pattern 0xff, then 0x00, and then 0xff
again, before they are deleted.
</snip>
You can just put "alias rm rm -P" in your login script to make this the default.
Why isn't 'rm -R star' enough?
Because if you have files or directories that are named anything other than 'star', they're staying right where they are.
You have to employ the use of a wipe utility to completely remove all traces of the file.
In my book, that's the only safe way to do it on any OS, although I only actually use Linux, Windows, and Solaris.
Considering most systems come with 15-60gig drives now, it would take a long time to actually write over all the sectors used for that file in its entire lifetime.
No longer than a couple defrags. Simply open thousands of multimegabyte files, and then in each file, write a layer of 0's, a layer of 1's, and a couple layers of random data, and you're pretty safe. Five passes on a 20 GB partition shouldn't take more than a few hours depending on the transfer rate from computer to drive.
Will I retire or break 10K?
Does anyone which (software) tool does the best job of wiping on a ReiserFS partition? According to the man page for shred it doesn't do an "effective" job on ReiserFS.
Peter Guttman is a bit of a guru in this area. If you want to know how to protect yourself and your data against investigators using oscilloscopes on hard drive platters, then check this link.
http://www.cs.auckland.ac.nz/~pgut001/
I'm using Cyberscrub after every session to keep me clean.....
In a book I read a while back (by Tom Clancy and Steve Pieczenik) in a series called 'Net Force' a super-geek (described as a brilliant genius) apparently had a bad childhood that caused him to want to wipe out any informational link to his family that might exist. The book is set in a time where the Internet is far more expansive than it is now, where all information is stored online and all communications take place online and search engines are all powerful. In this setting, the author introduces what he terms a 'killbot' - a small application or scriptlet whose purpose is to literally 'kill' information.
The way it is described, these 'killbots' are illegal (big surprise). They apparently work by hacking into information sources turned up by search engines and removing the relevant information from the source's databases. While all very fictional, I wonder how far we are from something of this nature. Information may want to be free, but if someone wants to remove information by any means necessary, this may not be far off.
Just a thought.
From the GNU shred info node:
shred overwrites devices or files, to help prevent even very expensive hardware from recovering the data.
Ordinarily when you remove a file (*note rm invocation::), the data is not actually destroyed. Only the index listing where the file is stored is destroyed, and the storage is made available for reuse. There are undelete utilities that will attempt to reconstruct the index and can bring the file back if the parts were not reused.
GNU shred is very featerful, as costumary in GNU utils, and has many flags to modify the behaviour.
BSD ppl are always praising the 'Unix Way' of small utilities that do a very defined job and nothing more, and hate the extended features that GNU utils provide; in this case it's BSD rm that is doing something that could be done by another tool by adding a flag! Horror!
Seriously, GNU shred is a good tool, and it can receive some interesting flags that a simple rm -P doesn't support.
cheers,
fsmunoz
Does having a journeled file system make shred
not work? Specifically ext3. What about the
file systems that journal data too?
-- ac at work
Get a computer with a huge amount of hard drive space as an nfs server and have a really powerful diskless workstation to do your stuff. Keep all information on the server pgp encrypted a few times over and work from a RAM drive on the client. When the feds come, just turn of the client and tell them to go to hell. :)
Don't worry about deleting old files. "Someone" is installing keystroke loggers and they won't need your files.
Those pencils put Graphite dust into the microgravity environment. The dust was free to float into the electronics and other systems. Once we perfected the zero-G pens, the Russians used them as well. The Russian Pencil is a poor example of low tech smarts over high tech stupidity.
cat /dev/zero > file_with_data_you_want_to_dissapear
While the resources probably don't exist to directly attack PGP, this makes certain assumptions
Even if those are true, there are other attacks possible - Most people don't use a sufficient passphrase, so that becomes the easiest attack.
After that, you have to worry about things like "Magic Lantern" and black bag jobs
How paranoid do you want to get?
-- 73 de KG2V For the Children - RKBA! "You are what you do when it counts" - the Masso
Book about Kevin Mitnick, and the guy who caught him(??)..Anyway, I remember reading in there about someone who built a large electromagnet around their doorframe so that if their computer was removed they would degauss the drives on the way out..I don't know if this would work but it sure sounded like a good idea...
These guys have a cunning method to make sure their data can't be read:
"sensitive data is stored on hard disks which are hard-wired to physically self-destruct when tampered with"
If you're lucky it might take out the investigating officer too...
For most of us here, the gov'ts electron-microscope method of determining old data is irrelevant. How many of you here think that it'll be employed against you? That said, I suppose for those of us who engage in a big-time trading of files via P2P networks, & DeCSS, etc, there's always the possibility of criminal prosecutions. So, let me go over the 3 types of "data deletion", and say where each should be used:
1. Typical deletion. Files are unlinked with their directories, so your OS does not "see" them and has more space available to write with. If the information is not sensitive, or you don't fear intrusion, this is the fastest, and also best, method of deletion. It simply changes the first character of a file name do something that your OS doesn't recognize -- a very fast process. The Advantage: data is recoverable via a data-recovery utility. The Disadvantage: the data has not been securely eliminated.
2. Simple once-sweep wipe-over deletion. Either random 1s and 0s, or wholly 1s, or wholly 0s, are written over an entire file. Use this for data that is sensitive, or where you fear cyber-intrusion by hackers. The Advantage: data is securely eliminated, beyond the reach of anyone who hacks into your computer. The Disadvantage: data is irrecoverable to you, should you realize you made a mistake, and this process is slower.
3. A multi-sweep wipe. Same as above, but many sweeps are performed, enough to make typical electron-microscopy methods of data-recovery inviable. This method effectively makes data irrecoverable by any means. Electron microscopes can detect "old zeros" by ghost-patterns, a slight trace. But if data has been written over many times, the older data is impossible to recover even by those methods. The Advantage: this method securely removes the data, beyond the reach of any technological means. The Disadvantage: this method is very slow, and again, data is irrecoverable should you learn you made a mistake.
It should be noted that whenever you want to securely delete data, not only do you need to wipe the file, but you also need to wipe your swap files and your temporary files.
So, let me summarize when each of the methods of "data-removal" should be used, starting with the strongest method (a multi-sweep wipe), and ending with the weakest method (the renaming of the first filename character to something unrecognizable):
1. A multi-sweep wipe. Use this when you have data on your computer that could be used against you in a lawsuit or prosecution. For example, certain kinds of pornography, copyrighted files, warez, and other various information that's been deemed "illegal" by the Information Police in the MPAA, RIAA, MS, and the US Gov't.
2. A single-sweep wipe. Use this for information that is sensitive, but that you need not fear should the government get ahold of. For exmaple, financial files, files containing credit-card information, etc -- anything you'd want to protect from online-hackers using data-recovery programs. The government, though draconian, has not been known to steal people's credit cards using electron-microscopy. Similarly, hackers have not the resources to use electron-microscopy to acquire your credit cards -- nor would it be worth it. However, if your a high-tech company selling your computer equipment to another company, a multi-sweep delete of your files may be necessary to protect your information from competing companies, who may have bought your machinery through another company as a front.
3. A deletion that dissociates the file from the directory (renames the 1st character). Use this for non-sensitive data. For example, stories you've written, calendars, lists, ideas, old programs, pictures, etc etc.
Hope this has been helpful -- and please, remember, if you want to securely remove sensitive data either by a single-sweep wipe (to protect it from hackers) or a multi-sweep wipe (to protect it from the government), please remember to also securely remove swap files and temporary files as well!
social sciences can never use experience to verify their statemen
Under CP/M, it's even easier to undelete a file: all metadata was stored in the directory. (Flat file system - only a root directory.)
When a file was deleted, a single byte - the "user number" was changed. If you wanted to undelete a file, you only needed to restore that byte (which would be 0 for the single-user version).
WWTTD?
...you have just lost your most important having-worked-on-this-for-years file, which will obviously be lost forever.
I have a set of files that are hard to manage for me. I have a copy on my desktop, laptop, webserver, and sometimes even on floppy (to take to school.) Just keeping these files up to date is hard (redundancy is good, esp for things like research papers (-:,) and I imagine that if I ever needed to erase a file, that too would be very difficult.
What I'd really like is a cross-platform program to sync a directory between several computers. If I could keep my home directory current, that would be AWESOME. Maybe once I get some time I'll get around to making it.
--Roy
Forest Green Book from the NCSC.
"A Guide to Understanding Data Remanence in Automated Information Systems is intended for use by personnel responsible for the secure handling of sensitive
or classified automated information system memory and secondary storage media. It is important that they be aware of the retentive properties of such media,
the known risks in attempting to erase and release it, and the approved security procedures that will help prevent disclosure of sensitive or classified
information. This version supersedes CSC-STD-005-85, Department of Defense Magnetic Remanence Security Guideline, dated 15 November 1985."
"5.1.3 DESTRUCTION
It is good practice to purge media before submitting it for destruction. Media may generally be destroyed by one of the following methods. (Although
approved methods, options d and e use acid, which is dangerous and excessive, to remove recording surfaces. Options a, b, and c are recommended over d
and e.)
a. Destruction at an approved metal destruction facility, i.e., smelting, disintegration, or pulverization.
b. Incineration.
c. Application of an abrasive substance (emery wheel or disk sander) to a magnetic disk or drum recording surface. Make certain that the entire
recording surface is completely removed before disposal. Also, ensure proper protection from inhaling the abraded dust.
d. Application of concentrated hydriodic acid (55% to 58% solution) to a gamma ferric oxide disk surface. Acid solutions should be used in a
well-ventilated area only by qualified personnel.
e. Application of acid activator Dubais Race A (8010 181 7171) and stripper Dubais Race B (8010 181 7170) to a magnetic drum recording surface.
Technical acetone (6810 184 4796) should then be applied to remove residue from the drum surface. The above should be done in a well-ventilated
area, and personnel must wear eye protection. Extreme caution must be observed when handling acid solutions. This procedure should be done
only by qualified and approved personnel.
For additional information on destruction techniques and emergency destruction, see Institute for Defense Analyses (IDA) Report R-321, Emergency
Destruction of Information Storing Media. [6]"
This guide has a lot of info on many types of media too.
Did you not notice the little "[sic]" immediately following the word "Engilsh"? The same "sic" that, according to your precious dictionary, means "intentionally so written"? Are you blind?
That may be, but it's worth remembering that the gold standard that both the government and military use for file deletion is the physical destruction of the media. While this is something I've only been told about, with respect to the U.S at least, I've seen no shortage of government auctions here in Ottawa listing X number of computers available, no hard drives included.
Mike Hoye
Many contracts say that at some point after the contract ends you have to delete whatever copies you've got of the confidential documents, source code, whatever.
It's not that hard to delete copies from your hard disk, shred the hard copies, and remember to "really delete" it all from your source code control system.
But who, in the real world, goes through their backup tapes, CDs, whatever, trying to erase individual files? or even parts of files? whilst not destroying other data - it just can't be done.
errm, 3?
what about using an encrypted filesystem via a loopback device? the data is still there, but nice and encrypted.
If you ignore ACs because they are anonymous - you're an idiot.
A few posts have mentioned the idea of wiping your disks mutiple times to safely get rid of data.
For a more complete and viable explanation of this method check out the following paper published on this subject here
FreeBSD users have the program obliterate in the sysutils part of the ports collection. It takes pains to overwrite the data in order to make sure the file, even if re-linked, is unusable.
/dev/rand.
If I understand correctly, it open the file for writing multiple times first. First it writes 0s, then 1s, then alternate beginning 0s and 1s, then 1s and 0s, then patterns of 1s and 0s of all descriptions, then several passes from
The upshot is that even if you find the inode and relink to the data, it's been overwritten so many times than you really can't possibly recover it even using forensic methods.
At least give us some options! Or dare I say I could do with a clue?...
J-aims
--
Yo, whatever happened to peas? Join T( H)GS
Was it the orange stains on his hands and the faint odor of cheese that gave him away?
And with what version did they start distributing the tools.
That is the one short coming of SuSE. So many packages, you never know what you have. I got lazy with my last installation, since I just bought a 40g drive. I just installed everything under the sun (except KDE, os hopefully it isn't in one of those packages).
I would have emailed, bu, you don't have one listed.
The Ordo server room used this principle in the book Cryptonomicon by Neal Stephenson. The door frame to the room was steel and wrapped with wire connected to the main power source and a backup generator. Any disk walking through the door would be forced to walk through a huge electromagnet.
I wish I could find the link the Feds use as guidelines for grabbing systems from suspects... Its a good read.
Anyhow, blasting the actual file is not enough. When you go to clean stuff off, make sure that chunk of hard drive (virtual ram) is flushed out as well - both *nix and windows. RAM drives go a long way here, if you were lucky enough to pick up a stack of 512M sticks when they were cheap.
+++ UGUCAUCGUAUUUCU
(N/T)
One would think the occasional cursing around the office would go away then.
"CRAP! I ACCIDENTELY DELETED THIS PRESENTATION THAT WILL BE CRUCIAL IN GETTING THIS NEW CUSTOMER. ARGH." <sound of breaking glass; anti-climax 'poof' 5 seconds later>
<grub> Reading
I deleted something in linux and I desperately need to get it back. Since it's all so easy to recover data that was previously believed to be gone for all eternity, how do I get it back? Thanks!
I find the following command useful:
/dev/hda, you don't mind reinstalling everything. It's sort of an OS suicide command.
# dd if=/dev/random of=/dev/hda
This is assuming, of course, that if your root partition is on
Using random data as opposed to zeroes is more secure because writing zeroes may leave a readable residual magnetic signature on the media whereas random data tends to obscure the mag sig.
Give me my freedom, and I'll take care of my own security, thank you.
I know there are install logs out there, but do they always include the location(s) of the file(s) and directories that where changed?
dd if=/dev/random of=/home /home
/dev/zero or /dev/null), but the problem is that after such procedure, by physically examining the disk, one can often reconstruct the pre-existing data WITH A CERTAIN DEGREE OF ACCURACY.
Use whatever is appropriate instead of
You can also overwrite files with zeros (such as the ones that come from
hth
Having recently left a job teaching police and customs officers how to get in to other people (read criminals) computers I zeroed my pc before I left. My ex-employers are still trying to work out whether or not I was being malicous. The next user will probably want to stuff some version of M$ on it anyway so I claim I was being considerate.
I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
VAX VMS would allow you to overwrite disk and tape sectors with some pattern. IIRC, a sysadmin could make this the default setting. Slower, to be sure, and a determined person could still recover information. But, combined with no net connection and locating the computer in a physically secure place, it was deemed good enough to develop classified software.
The clearance system sounds logical. It is not. It is completely arbitrary. -- John Bolton
> Then again, I don't have anything that important anyways.
Don't be so certain of that. Open up your wallet, and you'll see much of importance. No credit cards? That's not the most important thing you have. Take a close look at your driver's license, or any ID you have. That's of great value to many people, and whether or not you trust it to a computer most state governments will. Leaving something as simple as your name in a computer proves that a person by your name exists, which can be used for profit or to complete an agenda.
Virg
If bloated means dynamically allocating memory instead of silently failing or crashing, then I guess GNU software is bloated. Some of us like it that way though.
It's a great way of establishing prior art or what will become prior art, in protecting something from such constraining IP grabs.
There is a growing list of people opposing Intellectual Property constraints like copyrights and patents.
Petition Against Software Patents (I'm signer 1552... look who the signer 1551 is!). Maybe you'd like to sign too?
For more fun on the value of distributed information and how it can be used to protect, see comment #4:
Issues Related to the Identification of Prior Art During the Examination of a Patent Application
or
for an html versions of comment #4
YES! Usenet is a useful tool because it distributes along with an unbiased date time stamp.
man I have to wait a couple hours? too lazy do even that.
So take an eight-hour nap while your computer wipes your HD's free sectors.
Will I retire or break 10K?
This recovery is a breeze. Just follow these easy steps.
1.) Take the HD out of your machine, take it to your clean room, and crack it open.
2.) Pull the platters, one by one, run them under your magnetometer, and use the programming in your magnetometer to develop a magnetic wave map of your drive. Store this image in your workstation.
3.) Run the analyser over the waveform to get a datamap of the drive. Be sure to save the layers as separate images.
4.) Pan back through the resulting images, and find the one that corresponds to the drive topology at the time you want (the time when the file/data still existed in readable format).
5.) Create a disk image file from that waveform.
6.) Mount the resulting image, and copy your file to a more secure location.
See? Quick and easy.
Virg
It's easy and cheap to manufacture (hell, you can make it yourself out of aluminum and iron rust; getting a magnesium initiator might be a bit more difficult), you can burn through several drives at once and total destruction of data is guaranteed.
Just make sure you ignite the stuff outside. Thermite will burn through a reinforced concrete floor and you cannot put out the flame. It'll burn underwater, under a pile of sand and in vacuum.
People have been using 'CFS' to encrypt their home directories, etc for years, recently they added the ability to encrypt swap, with a moderate performance hit.
For the truly paranoid, a friend of mine is involved in a project developing hardware solutions for encryption between the CPU and RAM.
I do not deploy Linux. Ever.
Good wipe programs exist, and of course you use them. Physical destruction is one option (as many have mentioned). But there are a lot of tools everybody has to really screw with recovery; you can use them in conjunction with regular "wipe" programs.
You can create scripts that duplicate files repeatedly; use this after a wipe, and don't be afraid to run it whenever you feel like, or unattended.
Reformat the drive with a different filesystem, and wipe it again with a compatible program.
Again, go ahead and do this with as many OS-readable formats you have available. For the truly paraniod, install a different OS and play.
Wipe, defrag, and wipe again.
Use different programs/commands; individual methods may have strengths and weaknesses but when combined, the strengths are compounded.
A lot of forensic recovery relies on "bits" of files that can be recombined or simply offer clues or evidence of "hanky panky". The whole file isn't necessary; a few lines here and there can go a long way. Keep that in mind.
It may well be true that some forensic recovery is more myth than fact, but the truly paranoid thrive on myth.
I always use the shred program that comes with my linux disto (Mandrake, but I think Red Hat also comes with shred). It's a great program, has many command line arguments and options, and is designed specifically to thwart those disk analysis techniques that you talk about.
Here's what I do: shred -fuzv *
The only problem is that there is no 'recurse' flag, so if you have an entire subtree that you want to erase, you have to manually 'cd' to each directory, and then 'shred -fuzv *'.
If you're going to be doing something illegal, you need to pay attention what you are doing with your evidence. Don't leave the drugs on the living room coffee table. Don't deposit your proceeds into your bank account. Don't drive a Ferrari if you're unemployed. Don't inform your cohorts that their phones are tapped by calling them.
And when you're mailing out your weekly email newsletter to your loyal junkies, try to avoid mentioning anything incriminating, because SOMEONE might be less than vigilant in erasing those messages on a timely and thourough basis.
Just remember a quote from Miranda. "Anything you say can be used against you". Its only a matter of someone's ability to retrieve what you said that can put you in a compriming position in the future. If you obey the law and act ethically, you shouldn't have problems, but people can misread what you wrote years before and while on a witchhunt will twist what you said to mean something else. If that information simply isn't available, becuase you never provided the means to MAKE it available, liability is significantly reduced.
If you're going to email something to someone, consider how that email could be used to hurt you in the future. While I'm sure that every software company in the world has dreams of avarice of overthrowing the competition. And the internal harmless banter of corporate takeovers probably takes place. If one of those companies turns out to be the next Microsoft, and those internal emails are still available, years after the fact, they could be used as evidence, even if at the time it had nothing to do with company policy.
So.... be careful what you say. Someone might be listening.
-Restil
Play with my webcams and lights here
Continually write cruft to hard drive: Run a batch script that continually loops through: 1) dd from /dev/zero to a dummy file on partition; 2) delete when drive fills; 3) dd from dev/urandom to same file; delete file. As the drive will have many writes to it, it would make things very tough to recover. This never had much performance impact on the machine.
I wish I could find a utility that cleans out inode information, much like the dos/win utils that scrub deleted filenames from the FAT.
Edit documents and browse web from a virtual machine on an encrypted device:
I use the loopback patches (/pub/linux/kernel/people/hvr at your local kernel mirror) to run an encrypted device. I then use VMWare (though bochs, plex86, or User Mode Linux should work) to run Linux and Windows for browsing and email writing. Note that VMWare has a nice "undoable" disk feature, in which you can "commit" or "discard" changes to the virtual disk. So I have a pristine Win95 VM, which I log into to do my stuff, and then I discard the changes, thereby removing cached macterial, cookies, etc.
Note that this doesn't thwart traffic analysis or "rubber hose" tactics. In fact, once the loopback devices are mounted, you can perform standard file/data recovery techniques on them.
Use file encryption for email and sensitive files. I use GnuPG for this.
Method of processing duck feet
That helps avoiding recovery from the disk itself, but it doesn't do anything about the most effective recovery source: the backups. When I was doing VAX operator work, if your file was on the computer more than 24 hours it was guaranteed to be on the backup tapes for at least 2 weeks. If you left it in existence through Friday night, it'd take 3 months to roll off of backups. Unless of course it happened to be on the one full backup every month we pulled for archiving, in which case it might be anywhere from a year to 5 years until it got destroyed.
Conundrum: the whole point of backups is to make recovering deleted data easier, which directly conflicts with the need to make deleted data unrecoverable.
Sort of sad they can only bring back the hard drives.
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
Buy used.
I have bought a few old, "surplus" computers from the local University Surplus Assets dept.
Not once, had even a cursory attempt at cleaning the drive been made.
I have heard that #dd if=/dev/zero of=/dev/hda
might still leave it recoverable
would #dd if=/dev/rand of=/dev/hda be any better? or would it be a marked improvement du to the predictability of pseudo-random number generators?
I've written a program (screenshot here, about to be released soon) to enter passwords using your mouse, on a randomly-generated "keyboard"
The big problem with this approach is fairly fundamental of course. PGP encrypted discs don't let you paste text into their password dialog.
Oops, guess I should've checked this before I developed the app!
If you want to destroy evidence, you shouldn't forget your backups.. ;-)
(You do backup your important data, do you?
...and I was *never* asked to purge / delete archives. On the contrary, when we were under legal proceedings (before the bankruptcy and before I was given the ol' heave ho), we were specifically instructed to NOT delete ANYTHING related to the proceedings or any sort of backups / archives.
Funny that, though, that the mail systems were set to a strict 6 month retention cycle when we weren't in hot water. The main (internal) mail servers were exchange servers, but our mail gateway was a UNIX box, and that thing *did* get backed up regularly, and AFAIK the backup tapes are still around since we had a 10 *year* retention policy.
Forgot about the backup tape!
It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
The problem is, a dumb keylogger will catch the alt-tab you use to switch windows. A smart one will know which window the keys are going to and record that information. Either way, it isn't too hard to get the actual password.
Now, if you opened up enough Notepad windows alongside the PGP window and alt-tabbed through all of them, you'd make it much harder for them if they're using a "dumb" keylogger. But then again, you make it much harder for yourself too.
"People that quote themselves in their signatures bother me" - athakur999
Win-XP denounced as terrorism tool
http://www.blibbleblobble.co.uk/Downloads/KeyPad/i ndex.htm
Blatant advertising of a free open-source app for windows to type passwords using a randomly generated on-screen 'keyboard' !
It is a method for *preventing* exactly what you described TEMPEST to be. I remember TEMPEST certified Sun Sparc2Ts and their monitors. They were encased in perforated sheet metal (completely), with some kind of electromagnetic resistant glass for the front of the monitor (duh), akin to what you'd see on a microwave. HEAVY ASS monitors, and they *loved* asking us to move them around.
I'm stunned that both you and the New York Times are so behind the times. Freaking Oliver North? give me a break, that was fifteen years ago. The techonology of covering your ass was dramatically improved durring the innovative Clinton years. Such an ommision can not be due to ignorance, it must be politically motivated. Hmmmm.
Well, for any of you out there who might not be in the know, never write things you don't want other people to know. Never ever ever use M$ for confidential information, and alway encrypt your email. This works just as well for private correspondence and corporate work that you might not want to share with your competitors, as it does for politicians who want to murder their best friends.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
..any Microsoft Windows product.
It will be very annoying when the BSOD turns up.
But cat /dev/random > /dev/hda1
:)
should be good enough for anyone
I'm surprised I've seen no discussion here of the very basic problem of file slack space - that unallocated space at the end of the last sector of every data file, except those that exactly fill a disk sector. Most of the methods described here for easy ways to wipe empty hard drive space do not overwrite all the file slack space. You need a program that does that explicitly. Otherwise every sector with the tail end of a file contains easily recoverable data, although disassociated from any filename. Given that the slack space on a hard drive averages out to $sectorsize*$numfiles/2 (on average, 1/2 of a sector, times the number of files), the average 40Gb hard drive with 10,000 files might have 50Mb or more of recoverable data, even if the "empty" space were completely and unrecoverably wiped.
I learned about this while preparing to publish a program commercially, and discovered that (at least at the time) files I copied to the distribution media master sometimes contained sensitive data, such as the source code, from my own hard drive. Basically, DOS wasn't very picky about copying a few extra bytes along with the actual file length, as long as the extra bytes didn't go past the end of the destination sector. The answer? I used a slack wiping program on the master disk before sending it for duplication.
--Brandon / Split Infinity Music
dd if=/dev/zero of=/dev/hda works for me ;)
Repeate 4 or 5 times, and good luch recovering anything...
LedgerSMB: Open source Accounting/ERP
'rm -Rf star' is much preferrable, or '/bin/yes | rm -R star'. Otherwise you would be there all day pressing 'y'. You could always do it the Homer Simspon water bird way...
... offtopic and frivilous...)
(I know
If you want to check whether a particular piece of information is still there, just "grep" for it: "set history=0; fgrep mysecret /dev/hda".
Better is to do as follows:
;) ALL YOUR DATA WILL BE UNRECOVERABLE!!!
dd if=/dev/random of=/dev/hda
Repeat 6 or 7 times
LedgerSMB: Open source Accounting/ERP
Rather than politically motivated, how about Oliver North got caught shredding, and the Clintons didn't.
Not that they didn't get caugh covering something up. I'm talking about the very simple to understand act of taking paper and tearing it to bits, something Joe Average can identify with viscerally.
Talking about how somebody only overwrote a file once with all ones, making it possible to reread the data with scientific equipment just doesn't have the same simple "how things have changed" since then, does it?
to make matters worse,this was on my old laptop, and I couldn't find the floppy with the backup of the only important file--a 2/3 written journal article!
fortunately I use lyx, which is a text format. I piped dd through strings to a (huge) file on the dos partition, and got back most of my paper (but had to search through multiple contending versions. A better Idea would have been to use tr or sed to strip out everything outside the 32-127 range (plus
hawk, wiser now
It would be trivial to add that to GNU rm, but it's futile since there is another gnu tool for this purpose called GNU shred.
Hmmm, cool. It looks to me that shred needs some more features, though. It should be made option-compatible with rm so that the security-conscious could just use:
alias rm='shred'
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
That's good, as the information might just as well have been edited, or even created. A +4 funny post talked about what "easy money" this was. That's not exactly the kind of morals most people want in an independent third party witness, but the kind you can expect from one that's paid. Think about being confronted with all of your email, selectively edited, and not having access to the documents yourself! This kind of evidence will never be as good as hard copy that everyone can look at and study soberly, and even that is not enough on it's own. There are two parties in any dispute, both parties need to be impeeched to get at the truth.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
These filesystems optimize for full block overwrites. If the application is writing a full block, it may be faster to allocate a new block at a more convenient location, and deallocate the old block. However, if the application is writing less than a full block, the filesystem will have to read the contents of the old block anyway. So in that case, it will usually just write the new data back to the same location as the old.
The implication is that shred could work (slowly) on fancy filesystems if it did writes in a funny size, such as 3113 bytes
hawk
That's because they knew how. Murder was part of it.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Good point. On the system I was familiar with, the backup tapes were kept in a safe, and only full backups were done.
The clearance system sounds logical. It is not. It is completely arbitrary. -- John Bolton
cat
perl -e 'printf("mmm %x\n", 3735928559)'
I've used CFS on my laptop as my home directory. .bash_profile to Cattach the CFS directory and set $HOME to the encrypted directory. It worked very well. Even Netscape caching web pages worked well. Its pretty fast on a modern machine using Blowfish.
How do you do it? You have a normal home directory which bootstraps the CFS encrypted home directory. You do this by adding some lines at the end of
What about using compact flash instead of a harddrive? Evidently, some of these recovery methods (using an electron microscope (do they really mean STM?) on the harddisk surface) can recover overwritten data from a harddrive. Seems to me that Compact Flash would have less of a memory and once you overwrite the stored data once it really is gone.
If you have problems destroying documents, you could always ask Arthur Anderson or Enron.
And it's a good thing that the files are recoverable using these techniques, because even the old standard, writing 010101 patterns five times over won't stop modern recovery techniques.
When I served, we had to scrub our old hard drives in this way (010101), as otherwise they could get the info.
-
--- Will in Seattle - What are you doing to fight the War?
I didn't see anyone mention doing anything to their arhives. Any kind of media you are using for your arhives (from zip disks to the Samba share) needs to be included in any plan of this type of action.
Worrying about wiping isn't as big of a deal if you make the data indecipherable in the first place. :-) Check out rubberhose for more information: Basically an encrypted file system that's free and gives deniability. Who cares about file echoes when they're all chaos?
We can face anything... except for bunnies.
This only works on ext2 file systems. For those of using ReiserFS or Ext3, this doesn't work.
My journal has hot
Great. The Clintons are murderers and everyone who is not a Republican is a Communist. Iran-Contra never happened, nor did anything involving the words "Bush" or "Enron". Your world sure is interesting...
nt
digital tracking is all about cost. if you think "they" are after you with unlimited resources then you should not be using digital devices.
/.
too late for you now, they monitor
Is it still possible to recover data from a HD that has been smashed many times with a sledgehammer, and has every platter irreparibly beaten out of shape and holes punctured in them?
Without any "normal" deletion, of course.
The manual refers to the journaling feature.
In a journaling file system, structures/data are journaled instead of immediately overwritten. If the systems crashes during while writing, its likely you can at least revert to a previous, coehrent, state of the filesystem, instead of being stuck with a corrupted filesystem.
Though the effect of this behavior is more or less limited, it should be enough to worry anyone who thinks about using shred.
Looking just at the aspects of data deletion on the hard disk (i.e. ignoring the problems arising when data is transmitted to other computers), the problems of irretrievably deleting data have long been known. Most filesystems' delete commands are, of course, trivially insecure, since, at most, they make a note that the disk sectors containing the file are no longer allocated. Even overwriting the data multiple times may not be sufficient. I believe Peter Gutmann's 1996 Usenix paper, Secure Deletion of Data from Magnetic and Solid-State Memory, is still one of the (if not the) authoritative references on the subject. Briefly, when a bit is altered on a disk, the previous bits leave their imprints on the new bit, and it is possible to look back through the layers of deletion for data. Furthermore, it is possible to do this (to a limited degree, but even so...) with relatively inexpensive equipment.
Gutmann then goes on to derive a set of patterns that are optimal for rendering deleted data irretrievable. GNU shred (part of the GNU fileutils) uses these patterns and is the recommended tool for secure deletion in a Unix environment.
Note, however, that shred has some limitations in that it assumes that, when writing data to a file, it is overwriting the old data. The info node notes that this is not the case for some filesystems, including some journaling filesystems. Also, modern hard drives may remap drive sectors on the fly if those sectors begin to fail, leaving the possibility for data to remain in the swapped-out sectors. The safest method is, as usual, complete destruction of the drive.
--Phil (Me? Paranoid? Why do you ask?)
355/113 -- Not the famous irrational number PI, but an incredible simulation!
What would be a Good Idea is a security-oriented filesystem that automatically wiped blocks in some manner upon freeing them, and if the data being (re)written to a block on a write() was shorter than the old data (to make sure there is nothing visible dangling off the end of the block).
Liberty in your lifetime
BSD ppl are always praising the 'Unix Way' of small utilities that do a very defined job and nothing more, and hate the extended features that GNU utils provide; in this case it's BSD rm that is doing something that could be done by another tool by adding a flag! Horror!
Having two programs that both delete a file is not a very good example of the Unix Way. A better example would be to have one program that overwrites the file with random data (but does not delete/unlink it) and then a second program to delete/unlink the file.
cpeterso
...make friends with an organic chemist: Access to the 9.4 Tesla magnetic field of a 400 MHz Proton NMR machine can really do damage to magnetic coatings.
Elgon
But everyone knows . .. .
Real men don't make backups!
The previous has been a secret message to my comrades.
isn't it better to:
#shred important.txt
#rm important.txt
I was under the impression that even overwriting files doesn't destroy the data and the only way to destroy the data was to fill it with some slick hex code.
I use two products for windows, and on my *nix box there is nothing [too] private.
Get your Unix fortune now!
Most of the time, wiping data (with an overwrite) IS good enough to prevent "prying eyes" from finding it. If you have data which is sensitive enough and are truly concerned, then you should have a sufficient budget to use a hot-swappable drive bay and acid bath to eliminate all risk of left over magnetic signatures.
On the other hand, if you are commiting criminal acts, attempting to eliminate evidence, and do not have sufficient resources to do so, I (and the rest of the paranoid ppl here) should have no sympathy or technical advice.
Likewise, realize that no one will use the highly advanced and expensive steps to recover your data if there isn't sufficient financial incentive.
Sanitizer is probably the best software out there for completely obliterating data with extreme prejudice. It will absolutely destroy every bit on a hard drive, you won't even be able to read the edges of the data tracks for the erased data. It makes unwanted data disappear forever.
Sanitizer page
Erik
+= E
My filesystem actually removes the file entry from the directory, and clears the relevant inodes. Also, even FAT-based filesystems clear the FAT cluster chain, which can complicate recovery if the file was fragmented.
Make even shorter URLs - 8LN.org
* is not a star. It's an asterisk, or in computer lingo, it's a splat. How else can you come up with interesting phrases like splat-bang-hat? A few characters ARE badly named, however, I mean what is a tilde? We can form a full grammar with the following changes.
:)
~ = My apartment.
^ = Drew barrymore
_ = Jack Daniels
With this we can actually form useful phrases and logical conjectures, for instance...
#+_+^@~ = !*** =
Going straight to hell...
Just a clarification: That's what shred does, but you can also unlink the file that it overwrote by using an argument (-u).
"The price of freedom is eternal vigilance." - Thomas Jefferson
Don't project you blindness on me. Read my posts and you will see that I'm a friend of truth and freedom, not any political party. I will and have beat on Bush, and Ashcroft for all the bonhead things they do, but I'm not going to forget that the tools they are abusing were all forged by Democrats whoring to Hollywood and big publishers. Where would John Ascroft be without Jannet Reno's great Carnivore and Magic Lantern work. The DMCA layed the groundwork for computer slavery by establishing that you do not own the contents of your computer, demanding databases without warrent is the logical extension. Last but not least, it would be much more difficult for all of this to be shoved down our throats if it were not for the greedhead Clinton erra media consolidation that has left the airwaves as property of GE, Westinghouse and Disney.
That stupid article from the NYT is just part of the Democrat's little smear campaign. You know, like the convicted fellon author who made so much noise about fictional drug abuse. Trying to link Iran-Contra with the current Enron scandal is as pathetic as it is innefective and dishonest. No one really gave a shit about giving arms to the contras and it happened 15 years ago. You might as well say that Bush is dishonest because Richard Nixon lied to Congress. Don't you think it's a little funny that the historical perspective did not include, White Water where the President was accused of using his influence to bankrupt others for his own personal enrichment? Don't you think it's a little strange that all of the people besides the man who made money are dead or in jail? We shall see if Bush enriched himself at the public expense, but pissant articles like that don't do much to sway me.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
Because many traces of information are scattered on disk - put it in AC BFM approx 1 min after deletion.
We all know that lossy compression is the way to go!!
--Martini
I'd like to merely point out that Enron was filing false profit reports and encouraging its employees to invest in Enron stock at the same time Bill Clinton was playing golf with Ken Lay, had Lay as an overnight guest at the White House, and while Lay advised the Clinton administration on energy issues. Enron's current chief counsel represented Clinton in Paula Jones' sexual harassment lawsuit. Robert Rubin, Clinton's Treasury secretary, called a Treasury Department official last fall on Enron's behalf. David Boies, who represents Enron's former chief financial officer, led Democratic presidential candidate Al Gore's court challenges in the Florida recount. And Neil Eggleston, who represents Enron's outside directors, was an associate counsel in the Clinton White House.
No, I'm not saying the Clinton Administration covered up for Enron. I'm merely pointing out that, so far, all the attacks on Bush have been "guilt by association" -- and such attacks apply equally well to the previous administration, Al Gore, and Hillary Clinton.
I remember Teco would edit anything - even raw media if you flipped a bit - but that was on a PDP-11.
nevermind
ask Mr. Tatnal - he knows
Prep:
Obtain the following ingredients:
Iron (II) oxide, finely ground.
Aluminum powder, finely ground.
Magnesium powder.
Potassium nitrate (KNO3).
Fuse.
Mix 25% aluminum and 75% iron oxide. This is known as thermite. Set it aside.
Mix 50/50 magnesium and kno3. This will be the starter poweder. Set it, too, aside.
Remove your hard drive from the computer case and place it on a bit of wood across a metal bucket filled with sand. This is its new home, so make sure the cables reach.
Use:
When the feds come a knockin', quickly dump the thermite on your hard drive. Then, make a small pile of starter on top of the thermite, and place the fuse in this. Ignite and run out of the room. Alternatively, a sparkler (you know, the 4th of July things) can be used to start the thermite, instead of the powder/fuse. The thermite will burn around 2,000 degrees C, perhaps more. That should take care of that pesky data. It is very hard (impossible?) to put out, as it carries its own oxygen in the mix.
Don't worry about storing the thermite; it's very stable, needing high temperatures to start the reaction (hence the need for a starter). If you're so inclined, you could even build the system into your computer--nothing in there is going to make it go off. I do suggest the bucket of sand, though, as that is what should stop your lump of now-molten iron from going straight down to the floor.
--Psi
Overkill? Maybe. Fun? Definantly... if you have left overs, you can do various entertaining things with it....
I don't know about each of the journaled fileysystems in question, but at least some of them do not journal user data, only metadata changes. In other words, they journal block allocation and deallocation (size changes), and other changes to the inode.
If the filesystems aren't making the allocation optimization I mentioned, then shred is fine as is.
That said, the best place to implement a secure remove operation is in the filesystem code itself, rather than trying to trick it from user code.
Use public-key encryption. Keep your public key on your hard disk, and keep your private key on a floppy that you carry with you at all times. Carry a lighter with you at all times. If you start seeing black helecopters, burn the disk. Poof, problem solved.
Just washing your platters over with H2SO4 might be effective at deletion, but the gov't can claim that you were not only destroying evidence, but doing it in a manner that might be hazardous to human life. (Hence, no bombs, thermite is probably a no-no)
The acid referenced was perfectly OK for human hands, but deadly to the oxide on the platters. Anybody know what acid that might be?
Another suggestion might be to use a heavy encryption that thoroughly seems to randomize the data. Just changing a few bits in the encrypted file, would, when decrypted, yield only gibberish. This way, if the Feds are busting down your door, just a sprinkling of randomness through your encrypted files would render them useless.
I can not get the new opera 6 tp3 to accept cookies, therefor I am an AC. :(
What about files written to RAID devices. How do programs like srm and the other 'secure' file wiping programs perform?
Or does this not make a difference?
AC, AKA waa